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1. REAL PARTY IN INTEREST 

The real party in interest is assignee Sybase, Inc. located at One Sybase Drive, 
Dublin, CA 94568. 

2. RELATED APPEALS AND INTERFERENCES 

There are no appeals or interferences known to Appellant, the Appellant's legal 
representative, or assignee which will directly affect or be directly affected by or have a 
bearing on the Board's decision in the pending appeal. 

3. STATUS OF CLAIMS 

The status of all claims in the proceeding is as follows: 

Rejected: Claims 1-22, 24 

Allowed or Confirmed: None 

Withdrawn: None 

Objected to: None 

Canceled: Claim 23 

Identification of claims that are being appealed: Claims 1-22, 24 

An appendix setting forth the claims involved in the appeal is included as Section 
8 of this brief. 

4. STATUS OF AMENDMENTS 

One Response / Request for Reconsideration has been filed in this case. 

Appellant filed a Response / Request for Reconsideration on February 1 , 2008 in 
response to a non-final Office Action dated November 5, 2007 setting forth in detail the 
reasons why Appellant believes that the claimed invention is clearly distinguished over 
the art of record and overcomes the art rejections. In response to the Examiner's Final 
Rejection dated January 9, 2008 (hereinafter "Final Rejection") finally rejecting 
Appellant's claims, Appellant filed a Notice of Appeal. Subsequently, Appellant filed an 
Amendment After Appeal on October 7, 2008 canceling claim 23 in response to the 
Examiner's objection to that claim. Appellant discussed the Amendment After Appeal 
with the Examiner on October 7, 2008 and was informed that the Amendment would be 
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entered. Appellant has chosen to forego making other amendments to the claims as it is 
believed that further amendments to the claims are not warranted in view of the art. 

5. SUMMARY OF CLAIMED SUBJECT MATTER 

Appellant asserts that the art rejections herein fail to teach or suggest all of the 
claim limitations of Appellant's claimed invention, where the claimed invention is set 
forth in the embodiment in independent claim 1: A computer-implemented method for 
specifying and enforcing entitlements for performance of financial transactions (see e.g., 
Appellant's specification, paragraph [0013], paragraphs [0043]-[0044], paragraphs 
[0055]-[0056], paragraph [0059]; also see generally, e.g.. Fig. 1, Fig. 2, Fig. 3; Figs. 5A- 
B), the method comprising: providing a hierarchical entitlement structure with 
inheritance for specifying entitlements for performing financial transactions (see e.g., 
Appellant's specification, paragraph [0013], paragraph [0045], paragraph [0063], 
paragraphs [0066]-[0068], paragraph [0073], paragraph [0079], paragraph [0112]; also 
see, e.g.. Fig. 4; Fig. 5 A at 501-503), receiving user input for defining a plurality of 
entitlement groups of said hierarchical entitlement structure (see e.g.. Appellant's 
specification, paragraph [0013], paragraphs [0046]-[0047], paragraph [0049], paragraph 
[0067], paragraph [0073], paragraphs [0079]-[0080], paragraph [0153]; also see, e.g., Fig. 
4; Fig. 5 A at 501-502), wherein each entitlement group has specified permissions to 
perform financial transactions, Umits on performance of said financial transactions, and 
membership of each user (see e.g.. Appellant's specification, paragraph [0013], paragraph 
[0044], paragraphs [0046]-[0047], paragraph [0049], paragraphs [0066]-[0068], 
paragraph [0073], paragraph [0081];also see, e.g.. Fig. 4; Fig. 5A at 503), in response to a 
particular user request to perform a financial transaction at runtime, identifying the 
particular user's membership in a certain entitlement group (see e.g.. Appellant's 
specification, paragraph [0013], paragraphs [0046]-[0047], paragraph [0082]; also see, 
e.g., Fig. 5A at 504-505), and determining whether to allow the particular user to perform 
the financial transaction based on permissions and limits of said hierarchical entitlement 
structure applicable to the particular user's performance of the financial transaction (see 
e.g.. Appellant's specification, paragraph [0013], paragraphs [0046]-[0047], paragraphs 
[0083]-[0085]; also see, e.g.. Figs. 5A-B at 506-511). 
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Appellant further asserts that the art rejections herein fail to teach or suggest all of 
the claim limitations of Appellant's dependent claim 12, with claim limitations of 
defining limits applying collectively to a particular entitlement group and children 
entitlement groups of said particular entitlement group in said hierarchical entitlement 
structure (see e.g., Appellant's specification, paragraph [0047], paragraph [0049], 
paragraph [0075], paragraph [0114], paragraph [0151]; Fig. 5B at 508-509; also see 
generally, e.g.. Fig. 4). 

Appellant further asserts that the art rejections herein fail to teach or suggest all of 
the claim limitations of Appellant's dependent claim 8, with claim limitations wherein 
defining a plurality of entitlement groups includes defining limits comprising a selected 
one of per-transaction limits and cumulative limits over a period of time (see e.g., 
Appellant's specification, paragraph [0047], paragraph [0075], paragraph [0114], 
paragraph [0151]; Fig. 5B at 508-509; also see generally, e.g.. Fig. 4). 

Appellant further asserts that the art rejections herein fail to teach or suggest all of 
the claim limitations of Appellant's dependent claim 2, which includes claim limitations 
of a hierarchical entitlement structure in which a given entitlement group inherits 
permissions provided to its parent entitlement group in said hierarchical entitlement 
structure (see e.g., Appellant's specification, paragraph [0043], paragraph [0045], 
paragraphs [0067]-[0068], paragraph [0112]; Fig. 5A at 503; also see generally, e.g., Fig. 
4). 

Appellant fiirther asserts that the art rejections herein fail to teach or suggest all of 
the claim limitations of Appellant's dependent claim 3, which includes claim limitations 

of defining a plurality of entitlement groups including restricting permissions inherited by 
an entitlement group from its parent entitlement group in said hierarchical entitlement 
structure (see e.g.. Appellant's specification, paragraph [0043], paragraph [0045], 
paragraphs [0067]-[0068], paragraph [0112]; Fig. 5A at 503; also see generally, e.g.. Fig. 
4). 

6. GROUNDS OF REJECTION TO BE REVIEWED 

The grounds for appeal are: 

(1st) Whether claims 1, 4-5, 7-8, 10-16, 18-22 and 24 are unpatentable under 35 
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U.S.C. Section 103(a) as being obvious over U.S. Patent 6,1261,139 to Win (hereinafter 
"Win") in view of U.S. Published Application 2002/0029339 of Rowe (hereinafter 

"Rowe"); and 

(2nd) Whether claims 2-3, 6, 9 and 17 are unpatentable under 35 U.S.C. Section 
103(a) as obvious over Win (above) in view of Rowe (above) and fiirther in view of U.S. 
Patent 6,202,066 to Barkley (hereinafter "Barkley"). 

7. ARGUMENT 

A. First Ground: Claims 1, 4-5, 7-8, 10-16, 18-22 and 24 rejected under 35 U.S.C. 

103(a) 

1 . General 

Under Section 103(a), a patent may not be obtained if the differences between the 
subject matter sought to be patented and the prior art are such that the subject matter as a 
whole would have been obvious at the time the invention was made to a person having 
ordinary skill in the art to which the subject matter pertains. To establish a prima facie 
case of obviousness under this section, the Examiner must establish: (1) that there is 
some suggestion or motivation, either in the references themselves or in the knowledge 
generally available to one of ordinary skill in the art, to modify the reference or to 
combine reference teachings, (2) that there is a reasonable expectation of success, and (3) 
that the prior art reference (or references when combined) must teach or suggest all the 
claim limitations. (See e.g., MPEP 2142). The reference(s) cited by the Examiner fail to 
meet these conditions. 

2. Claims 1, 4-5, 7, 10-11, 13-16,18-22 and 24 

The Examiner has rejected Appellant's claims 1, 4-5, 7-8, 10-16, 18-22 and 24 
under 35 U.S.C. Section 103(a) as being obvious over U.S. Patent 6,1261,139 to Win 
(hereinafter "Win") in view of U.S. Published AppUcation 2002/0029339 of Rowe 
(hereinafter "Rowe"). The following rejection of Appellant's claims 1 by the Examiner is 
representative of the Examiner's rejection of the Appellant's claims under Section 103: 

Re claim 1, Win teaches the limitation of a computer-implemented method for 
specifying and enforcing entitlements for performance of financial transactions, 
the method comprising: 
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providing a hierarchical entitlement structure with inheritance for specifying 
entitlements for performing financial transactions (column 4, lines 22-26; column 

5, lines 7-8); 

in response to a particular user request to perform a financial transaction at 
runtime, identifying the particular user's membership in a certain entitlement 
group (column 5, lines 45-55); 

determining whether to allow the particular user to perform the financial 
transaction based on permissions and limits of said hierarchical entitlement 
structure applicable to the particular user's performance of the financial 
transaction (colunm 4, lines 15-18); 

receiving user input for defining a plurality of entitlement groups of said 
hierarchical entitlement structure, wherein each entitlement group has specified 
permissions to perform financial transactions (column 15, lines 15-21; column 4, 

lines 24-26). 

Win doesn't explicitly teach the limitation comprising limits on performance of 
said financial transactions, and membership of each user. Rowe, however, makes 
this teaching (paragraph 12, lines 5-13; paragraph 14). It would have been 
obvious to one of ordinary skill in the art at the time of the invention to combine 
the teaching of Rowe with those of Win as discussed above for the motivation of 
establishing entitlement to access the account (Rowe, abstract). 

(Final Rejection, paragraph 7, page 8) 

At the outset. Appellant does not claim to have invented the notion of associating 
roles with administrative privileges. Appellant acknowledges that the general teaching of 
role-based administrative privileges is known in the art and is described by Win and other 
prior art references. However, Appellant's claimed invention serves a different and 
distinct role in that it is focused on specifying and enforcing entitlements (including 
permissions and limits) for performing financial transactions (see e.g., Appellant's 
specification, paragraph [0013]). Appellant's solution utilizes a hierarchical structure for 
specifying and enforcing entitlements for performing financial transactions that is 
particularly useful in banking and other financial applications and is distinguishable from 
the cited prior art references in a number of respects as discussed below. 

As mentioned above, one difference between Appellant's invention and the cited 
prior art references is that Appellant's invention is focused on specifying and enforcing 
entitlements (e.g., permissions and limits) for performing financial transactions , which 
can be used as part of a financial application such as a corporate banking application (see 
e.g.. Appellant's specification, paragraph [0013], paragraph [0043]). The entitlements 
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that may be defined and enforced using Appellant's invention include application-specific 
entitlements (e.g., performing certain functions of an application), transaction 
entitlements (e.g., performing certain transactions or operations on an object), and limits 
or limit entitlements such as a maximum dollar limit for payments or similar banking 
functions (see e.g., Appellant's specification, paragraph [0044]). These features are 
included as limitations of Appellant's claims including, for instance, the following 
limitations of Appellant's claim 1 : 

A computer-implemented method for specifying and enforcing entitlements for 
performance of financial transactions, the method comprising: 

providing a hierarchical entitlement structure with inheritance for specifying 
entitlements for performing financial transactions ; 
receiving user input for defining a plurality of entitlement groups of said 
hierarchical entitlement structure, wherein each entitlement group has specified 
permissions to perform financial transactions, limits on performance of said 
financial transactions, and membership of each user; 

(Appellant's claim 1, emphasis added) 

Here, the entitlements that may be specified and enforced with Appellant's claimed 
invention include whether a given user is allowed to perform certain financial 
transactions (e.g., create wire transactions) as well as limits on the user's performance of 
permitted activities, such as setting a dollar limit for payment operations and other 
banking fiinctions (see e.g.. Appellant's specification, paragraph [0044]). 

In the Final Rejection the Examiner continues to argue that Win's teachings of 
associating users with one or more administrative roles and associating each defined 
administrative role with one or more administrative privileges (Win, Abstract and col. 1, 
lines 18-24) are comparable to Appellant's solution for specifying and enforcing 
entitlements for performance of financial transactions (Final Rejection, paragraph 4, 
pages 2-3). The Examiner states that because one of the job functions mentioned by Win 
includes "financial analyst" that implies that a financial analyst performs a finance-related 
fimction (Final Rejection, paragraph 4, page 3). The Examiner then stretches the position 
and purported teachings of Win even fiirther by arguing that since by implication a 
financial analyst performs some sort of finance-related fiinction, one can leap to the 
conclusion that "it is therefore clear that the limitation of privileges and limitations for 
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performing financial transactions is taught by Win" (Final Rejection, paragraph 4, page 
3). Respectfully, one cannot logically make any such leap. The mere mention of the fact 
that an organization may have an employee with a job title of "financial analyst" does not 
teach anything about how financial transactions may actually be performed or how a 
system for specifying and enforcing entitlements (e.g., permissions and limits) for 
performing financial transactions may actually be constructed, particularly when Win 
makes no mention whatsoever of performing financial transactions . As Win does not 
provide any discussion of financial transactions being performed, there is nothing to 
teach or remotely suggest how one might use Win's system to specify and enforce 
permissions and limits for performing financial transactions. 

Additionally, Win's access control system does not include a hierarchical 
entitlement structure with inheritance comparable to that of Appellant's claimed 
invention. Appellant's solution provides a hierarchical entitlement structure with 
inheritance that includes a hierarchy of roles in which a given subordinate role inherits 
attributes from its parent (i.e., superior) role (see e.g.. Appellant's specification, 
paragraph [0045]; also sec e.g., Fig. 5 A at 501-502). The inheritance from above is 
negative (i.e., restrictive) in nature (see e.g., Appellant's specification, paragraph [0045]; 
also see, e.g., paragraph [01 12]; also see e.g.. Fig. 5A at 503). The root node resides at 
the top of the inheritance hierarchy, serving as an administrator who may perform all 
functions in the system (see e.g.. Appellant's specification, paragraph [0045]). As the 
entitlement hierarchy of Appellant's solution is traversed downward from the root, 
additional restrictions are applied to subordinate roles; subordinate roles cannot have 
greater permissions than their parent (see e.g., Appellant's specification, paragraph 
[0045]; see also, paragraph [0068]). By operating in this fashion. Appellant's hierarchical 
entitlements solution with inheritance provides a much more flexible solution as shown, 
for example, by the following: 

The system and methodology of the present invention allows an organization to 
define limits that are not only cumulative to a specific role but that also roll up 
through the entire role hierarchy. A business may, for example, specify that (1) 
its accounts receivable function is able to perform wire transactions, subject to 
limits of $1,000 per wire, $1,000 per day, and $20,000 per month, (2) its accounts 
payable function has the same limit, but (3) the controller function has a different 
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set of limits. Suppose that, for this particular business, the accounts receivable, 
accounts payable, and controller function roll up to the CFO (chief financial 
officer) function in the organization's hierarchy, and the CFO role itself has a 
specified limit of $50,000 per day and $ 1 00,000 per month. In this circumstance, 
the present invention enables the organization to define and enforce limitations 
that the combination of functions under the CFO cannot collectively spend more 
than the limit specified for the CFO. 

(Appellant's specification, paragraph [0047]). 

Although Win's system also provides for defining roles, with each role having a 
set of permissions, it makes no mention of a hierarchical entitlements structure with 
inheritance between roles. In the Final Rejection the Examiner argues that Win's 
teachings of providing selective access to information resources to particular users are 
somehow analogous to Appellant's hierarchical entitlement system with inheritance 
(Final Rejection, paragraph 4, pages 3-4). However, when one reviews the referenced 
teachings, one finds they are not at all comparable. The first teachings of Win referenced 
by the Examiner indicate that there is a need for some mechanism governing access to 
information resources which gives selective access (Win, column 2, lines 25-27) and 
there is also a need to selectively delegate to multiple administrators the administration of 
access control to resources connected to various networks, allowing some of the 
administrators to administer one set of resources while disallowing others (Win, column 
2, lines 35-36). Respectfully, the referenced teachings appear to simply constitute a 
problem statement that a solution for providing a mechanism for access control to 
resources is desirable. No mention is made of any sort of hierarchical structure for 
entitlements used for specifying and enforcing permissions and limits to perform 
financial transactions. 

The Examiner's next takes the above-described teachings as the basis for arguing 
that "the selective delegation of access privileges by itself designates a hierarchical 
structure within an organization where access is granted to some and not others". 
However, what the Examiner is describing is that an organization may be organized in a 
hierarchical structure (e.g., a corporation with a President/CEO at the top and lower level 
employees at the bottom). Appellant acknowledges that an organization such a 
corporation may be organized hierarchically; however, the manner in which employees of 
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a corporation or other organization may be organized does not appear at all relevant to 
how one might develop a computer-implemented solution which regulates the 
performance of financial transactions. Appellant's claimed invention comprises a 
computer-implemented solution including a hierarchical entitlement structure with 
inheritance for specifving entitlements for performing financial transactions . As 
described above, with this hierarchical entitlements structure in which subordinate roles 
inherit entitlements (e.g., permissions and limits) from parent roles. Appellant's review 
of Win finds no mention whatsoever of any hierarchical entitlements structure or of users 
having one role to gaining permissions (entitlements) from other roles through 
inheritance. 

The Examiner argues in the Final Rejection (paragraph 4, page 4) that Win does, 
in fact, disclose the "passing on" of access or entitlement privileges within an 
organization using the following example: 

Any user who is assigned the role of "Sales Manager" in the future will 
automatically have access to the "National Sales Report" resource. If the 
administrator later un-assigns "Sales Manager" from the "National Sales Report" 
resource, then all users associated with the "Sales Manager" role will 
automatically lose access to the resource. 

(Win, col. 18, lines 27-34) 

This example is not one of inheritance, but rather simply is an example of 
conventional role-based permissions. All users assigned the role of "Sales Manager" 
have the same permissions. When the adminisfrator adds a user to the Sales Manager 

role, then the newly added user has the same permission to access the specified resource 
as all other users having the same role. When the administrator withdraws the privilege 
to access the resource from the role, all users associated with the Sales Manager role lose 
the privilege. However, there is no teaching of a given role inheriting permissions from 
any other role. 

The difference between Win's approach and that of Appellant can be illusfrated by 
example. Suppose, for instance, a Customer Service Representative needs permission for 
performing fransactions al, a2 and a3. Furthermore, a Customer Service Manager needs 
permissions for everything a Customer Service Representative can do (i.e., al, a2 and a3) 
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plus cl. Additionally, assume a Customer Service Director needs permission for 
everything a Customer Service Manager can do (i.e., al, a2, a3 and cl) plus dl. In Win's 
system, these permissions can be assigned one of the two ways described below. 

The first approach which can be used in Win's system is to create three roles as 
follows (i) role CSR with permissions al, a2, a3; (ii) role CSM with permission cl; and 
role CSD with permission dl . The role CSR would then be assigned to the Customer 
Service Representative. The Customer Service Manager would then be assigned two 
roles (CSR and CSM) and the Customer Service Director would be assigned all three 
roles (CSR, CSM, CSD). As illustrated, as one goes up the management chain in an 
organization, administration of this type of access control system becomes cumbersome 
due to the number of roles that need to be assigned to some users. 

The second approach which can be utilized with Win's system would be to define 
the same three roles, but assign the privileges differently as follows: (i) role CSR with 
permissions al, a2, a3; (ii) role CSM with permissions al, a2, a3, cl; and (iii) role CSD 
with permissions al, a2, a3, cl, dl. However, consider what happens when a Customer 
Service Representative needs permission to do a4, and therefore Customer Service 
Managers and Directors also need to do a4. This requires that all three roles be changed 
to add the permission to do a4, which is inconvenient and more difficult to administer. 

With Appellant's hierarchical entitlement structure with inheritance, in contrast, 
one can define an inheritance relationship between the Customer Service Manager role 
and the Customer Service Representative role and another relationship between the 
Customer Service Director and the Customer Service Manager. Each user can still have 
one role (e.g., Customer Service Manager), yet gain permissions from other roles through 
inheritance. This makes management of permissions in a hierarchical environment such 
as a corporation easier to model and administer. The features of a hierarchical 
entitlement structure with inheritance are also included as limitations of Appellant's 
claims. For example. Appellant's claim 1 includes the following: 

providing a hierarchical entitlement structure with inheritance for specifying 
entitlements for performing financial transactions ; 
receiving user input for defining a plurality of entitlement groups of said 
hierarchical entitlement structure , wherein each entitlement group has specified 
permissions to perform financial transactions, limits on performance of said 
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financial transactions, and membership of each user; 
in response to a particular user request to perform a financial transaction at 
runtime, identifying the particular user's membership in a certain entitlement 
group; and 

determining whether to allow the particular user to perform the financial 
transaction based on permissions and limits of said hierarchical entitlement 
structure applicable to the particular user's performance of the financial 
transaction. 

(Appellant's claim 1, emphasis added) 

In addition to the above-described shortcomings of Win as to Appellant's claimed 
invention, the Examiner also acknowledges that Win provides no teachings of limits on 
performance of financial transactions and membership of users in entitlement groups of 
the previously discussed hierarchical entitlement structure. Thus, the Examiner adds 
Rowe for these teachings. Tuming to the teachings of Rowe, one finds that although 
Rowe mentions the word "limit" it does not include features for defining and enforcing 
limits on the performance of financial transactions comparable to Appellant's claimed 
invention. 

Rowe describes a solution for opening a new bank or financial account with a 
financial provider electronically (Rowe, paragraph [0012], paragraphs [0028]-[0029]). 
As part of Rowe's methodology for establishing an account, a "value limit" is assigned to 

the account (Rowe, paragraph [0012]). This value limit is the maximum amount of funds 
what will be held in the account, which is typically the amount of the initial deposit into 
the account (Rowe, paragraph [0040]). Thus, Rowe's value limit is a single number that 
is assigned to an account that is checked when funds enter the account (Rowe, paragraphs 
[0040]-[0041]). In other words, Rowe's "value limit" is a number associated with a given 
financial accomt (e.g.. bank accomt) and is not a limit which is tied to a user's role . In 
fact, Appellant's review of Rowe finds no mention of roles with permissions relating to 
the type and amount of financial transactions that may be performed by users having such 
roles. 

With Appellant's claimed invention, in contrast, an entitlement group has 
specified permissions to perform financial transactions and limits on the transactions that 
are performed. A user's membership in an entitlement group determines the permissions 
and limitations to which the user is subject. Rowe's teachings are not comparable as the 
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limitations described by Rowe are tied to particular accounts rather than to users or roles 
(i.e., members of entitlement groups). In particular, Rowe makes no mention of the fact 
that a user may belong to an entitlement group which gives the user certain permissions 
and limits to perform financial transactions. 
3. Claim 12 

The above-described distinctions between the hierarchical entitlements structure 
of Appellant's invention and the role-based permissions of Win are made even more 
apparent when one considers the limitations of Appellant's dependent claims. For 
example. Appellant's dependent claim 12 includes the following limitations: 

The method of claim 1, wherein said step of defining a plurality of entitlement 
groups includes defining limits applying collectively to a particular entitlement 
group and children entitlement groups of said particular entitlement group in said 
hierarchical entitlement structure . 

(Appellant's claim 12, emphasis added) 

Consider the example previously described above in this document. Appellant's 
invention enables an organization, for example, to define and enforce limitations 
applicable to the CFO of an organization as well as all those in the organization that 
report to the CFO. In other words, the limits applicable to the CFO apply not only to the 
CFO, but also apply to the combination of functions under the CFO such that they cannot 
collectively spend more than the limit specified for the CFO (see e.g., Appellant's 
specification, paragraph [0047]). 

In this case, the Examiner references the following teachings of Win as being 
comparable to the above-claimed features of Appellant's invention: 

The Role Admin privilege may be delegated to owners of a particular resource, 
for example the technical support database. Administrators in the Technical 
Support Department would be able to control who has access to that resource by 
assigning or removing roles associated with that resource from user accounts. The 
list of roles that may be managed by an administrator with this privilege is limited 
to the roles that have been assigned to their associated Admin Role record. 

(Win, col. 16, lines 59-67) 

As illustrated in the above text. Win makes no mention of a hierarchical 
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entitlements structure in which a particular entitlement group has a child entitlement 
group. Additionally, Win makes no mention of limits, whether such limits are being 
applied to one or more entitlement groups (roles) or otherwise. In fact, as indicated at 
paragraph 7 on page 8 of the Final Rejection the Examiner acknowledges Win does not 
include teachings of limits on performance of financial transactions. Given that the 
Examiner admits Win does not teach limits on performance of financial transactions in 
general, it is clear that Win also cannot teach defining limits which apply collectively to 
more than one entitlement group as provided in the limitations of Appellant's claim 12. 
4. Claims 

Further distinctions between Appellant's claimed invention and the Win and 
Rowe references are found in other dependent claims. For example. Appellant's 
dependent claim 8 includes the following limitations: 

The method of claim 1, wherein said step of defining a plurality of entitlement 
groups includes defining limits comprising a selected one of per-transaction limits 
and cumulative limits over a period of time . 

(Appellant's claim 8, emphasis added) 

Appellant's claimed invention enables a user or administrator to define both per- 
transaction limits and cumulative limits over a period of time for each type of activity 
being performed by users having a given role (i.e., membership in a given entitlement 
group) (see e.g.. Appellant's specification, paragraph [0151]; see also paragraph [0047). 
For example, limits for each role (including those which are inherited) may be established 
per-transaction as well as per day, per week and/or per month for each type of activity 
being performed by the user. In this manner Appellant's invention enables one to define 
a "mass market consumer" role which has permission to pay bills up to a maximum 
amount of $500 per bill, with a maximum cumulative limitation of $2,000 per week. 
Another "affluent consumer" role can be defined which permits a user having such role to 
pay bills up to $1,000 per bill, up to $5,000 per week and may perform external transfers 
of up to $10,000 per month. 

In the Final Rejection the Examiner references Rowe at paragraphs [0040] for the 
corresponding teachings. However, the referenced paragraph reads as follows: 
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In a step Sle, the account provider assigns the account with a maximum funds 
value or value limit. In general, this value may be selected by the customer. Most 
often, the maximum value will comprise the amount of an initial deposit into the 
account by the customer. In one or more embodiments, the account provider may 
only offer accounts having pre-set limits, such as $50, $100, $250 or $500. 

(Rowe, paragraph [0040]) 

Respectfully, the above teachings of Rowe simply describe a fixed "maximum 
funds value" or "value limit" assigned by an account provider to a given financial 
account. In contrast to Rowe's teachings of single values associated with a given 
financial account, Appellant's claimed invention provides for per-transaction and 
cumulative limits which are applicable to particular users or roles. More generally (and 
as previously discussed) the values described by Rowe are tied to accounts and not roles 
and thus are individual to a particular customer account, having no relevance to other 
limits. Therefore, the referenced teachings are not remotely comparable to the above- 
described features of Appellant's claimed invention. 

5. Conclusion 

All told. Win and Rowe, even when combined, do not provide a solution which 
enables one to define and enforce permissions and limits for performing financial 
transactions. In addition, neither reference includes teachings of a solution providing a 
hierarchical entitlement structure with inheritance in which a particular role inherits 
entitlements from another role. In addition, without teaching the hierarchical entitlement 
structure, the combined references cannot include any teaching of defining both per 
transaction limits and cumulative limits over a period of time for each type of activity 
being performed for entitlement groups of the hierarchical entitlement structure. 
Therefore, as the Win and Rowe references, even when combined, do not teach or 
suggest all of the claim limitations of Appellant's claims, it is respectfully submitted that 
claims 1, 4-5, 7-8, 10-16, 18-22 and 24 (as well as other claims) distinguish over the 
combined references and the rejection under Section 103 should not be sustained. 

B. Second Ground: Claims 2-3, 6, 9 and 17 rejected under 35 U.S.C. 103(a) 

1. Claims 2-3, 6, 9 and 17 
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Claims 2-3, 6, 9 and 17 stand rejected under 35 U.S.C. 103(a) as being 
unpatentable over Win (above) in view of Rowe (above) and further in view of U.S. 
Patent 6,202,066 to Barkley (hereinafter "Barkley"). As to these claims, the Examiner 
continues to rely on Win and Rowe, but acknowledges that they do not teach certain 

limitations of these dependent claims as discussed below in more detail. The Examiner 
therefore adds Barkley as providing teachings corresponding to the limitations of these 
dependent claims. 

Appellant's claims are believed to be allowable for at least the reasons cited above 
(as to the first Section 103 rejection) pertaining to the deficiencies of Win and Rowe as to 
Appellant's invention. As these claims are dependent upon, and incorporate the 
limitations of Appellant's independent claims, they are distinguishable for the reasons 
previously described in detail in Appellant's First Ground of Appeal (incorporated by 
reference herein). As Barkley does not provide any teaching of a hierarchical entitlement 
structure with inheritance for specifying entitlements for performing financial 
transactions, it does not cure the deficiencies of these references as to Appellant's 
invention. Appellant also believes that these dependent claims are distinguishable for the 
following additional reasons. 

2. Claims 2-3, 6, 9 and 17 

As previously discussed. Appellant's solution provides a hierarchical entitlements 
structure with inheritance enabling one role to inherit permissions from another role. 
More particularly. Appellant's claimed invention provides for a hierarchy of roles in 
which roles are inherited from above (see e.g., Appellant's specification, paragraph 
[0045]; see also, e.g., Fig. 5A at 501-503). Significantly, Appellant's approach is to 
structure such inheritance negatively so as to apply restrictions as one goes down in the 
hierarchical entitlements structure (see e.g.. Appellant's specification, paragraph [0045]). 
With Appellant's solution the root node residing at the top of the inheritance structure, for 
example, has all permissions and may perform all functions in the system (Appellant's 
specification, paragraph [0045]). As the hierarchy is traversed downward, additional 
restrictions are applied (Appellant's specification, paragraph [0045]). This approach of 
restricting inherited permissions is included, for instance, as limitations of Appellant's 
dependent claim 3 as follows: 
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The method of claim 2, wherein said step of defining a plurality of entitlement 
groups includes restricting permissions inherited by an entitlement group from its 
parent entitlement group in said hierarchical entitlement structure . 

(Appellant's claim 3, emphasis added) 

Thus, Appellant's solution provides for top-down inheritance in which an 
entitlement group inherits permissions from its parent, but tjrpically subject to restrictions 
on such permissions. Although Barkley discusses that one role may inherit from another 
role, Barkley takes a bottom-up, rather than a top-down, approach to inheritance. As 
described at column 9, lines 48-5 1 of Barkley, a "manager" role has its own permissions 
and also inherits those permissions of its "subordinates" (Barkley, column 9, lines 48-51). 
Thus, Barkley describes expanding permissions through inheritance rather than restricting 
them. Another example of Barkley's bottom-up approach to inheritance is described at 
column 12, lines 19-26 which describes a financial advisor role inheriting privileges from 
an account rep role, such that the financial advisor has the permissions necessary to 
function as an account rep (Barkley, column 12, lines 19-26). There is nothing in 
Barkley to teach or suggest that the lower account rep role includes all the privileges of 
the higher financial role with limitations. Thus, Barkley in fact teaches away from 
Appellant's top-down inheritance approach . Additionally, the Examiner also references 
column 11, lines 39-43 and column 13, lines 14-15 of Barkley as including teachings of 
restricting permissions inherited from a parent group of Appellant's claim 3. However, 
Appellant's review of the referenced teachings finds that while they discuss various roles 
having different object access privileges (e.g., to read, write or delete certain objects) 
they do not include teachings of restricting permissions inherited from its parent in a 
hierarchical entitlement structure. Given Barkley's bottom-up approach to inheritance, 
this is not surprising. Additional restrictions would not typically be applied to managers, 
for example, on privileges that they inherit from lower level subordinates. 

In the Final Rejection, the Examiner argues that Barkley's approach is a "top- 
down" approach simply because Barkley's solution provides for roles occupying a higher 
structure in the organization (e.g., branch manager) to have greater access privileges 
compared to roles at lower levels in the organization, such a employees (Final Rejection, 
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paragraph 4, page 7). Here, the Examiner appears to again rely on the fact that an 
organization may be organized hierarchically with senior level employees at the top and 
lower at the bottom as providing the "hierarchical" structure corresponding to Appellant's 
claim limitations. However, the "hierarchical structure" referenced in Appellant's 
specification and claims is not a corporation or organization. Instead, the hierarchical 
structure of Appellant's claimed invention is a manner of structuring entitlements (e.g., 
permissions and limits) in a tree form in which the root (all permissions) is at the top, 
child nodes inherit permissions from parent nodes above, and the permissions inherited 
by a child from its parent are restricted as one fraverses down the entitlement free 
structure. In confrast, when one looks at the actual teachings of Barkley regarding 
inheritance, it is clear that with Barkley's solution managers (i.e., the parent role), inherit 
permissions held by subordinate employees (children). As shown at Fig. 5 of Barkley, 
and described at col. 13, lines 41-49, the "financial advisor" role inherits read permissions 
from "employee" and "account rep" roles as follows: 

The Read permission for the files within the accounts directory is granted as a 

result of the fact that fmancial advisor inherits account rep, which has Read 

permission as a result of the definition of the accounts OAT. Also, 

financial advisor has Read permission on the file empl info as a result of the fact 

that financial advisor inherits employee and employee has Read permission for 

all files associated with the employee read OAT, as is the case for the file 

emplinfo 

(Barkley, column 13, lines 41-49) 

Barkley's also states that while the fmancial advisor role inherits permissions 
from the account rep role, the financial advisor role may also have additional 
permissions (Barkley, colimin 10, lines 50-55). Thus, rather than restrict the inherited 
permissions, the Barkley structure expands the permissions of higher level roles by 
having them inherit from lower level roles. RespectfiiUy, it is clear from this discussion, 
as well as review of the balance of the reference, that Barklev describes bottom-up. not 
top-down inheritance . 

2. Conclusion 

For the reasons discussed above, the combined references do not teach or suggest 
all of the claim limitations of Appellant's claims 2-3, 6, 9 and 17. Therefore, as the 
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combined references do not teach or suggest all the limitations of Appellant's claims it is 
respectfully submitted that Appellant's claimed invention is distinguishable over the prior 
art and that the Examiner's rejection under Section 103 should not be sustained. 

C. Conclusion 

The present invention greatly improves the efficiency of the specifying and 
enforcing permissions and limits for performing financial transactions that may be used 
with banking and other financial applications. It is respectfully submitted that the present 
invention, as set forth in the pending claims, sets forth a patentable advance over the art. 

In view of the above, it is respectfully submitted that the Examiner's rejection of 
Appellant's claims under 35 U.S.C. Section 103 should not be sustained. If needed, 
Appellant's undersigned attorney can be reached at 925 465 0361 . For the fee due for this 
Appeal Brief, please refer to the attached Fee Transmittal Sheet. This Appeal Brief is 
submitted electronically in support of Appellant's Appeal. 

RespectfiiUy submitted, 

Date: October 10, 2008 /G. Mack Riddle/ 

G. Mack Riddle; Reg. No. 55,572 
Attorney of Record 

925 465 0361 

925 465 8143 FAX 
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8. CLAIMS APPENDIX 



1. A computer-implemented method for specifying and enforcing entitlements for 
performance of financial transactions, the method comprising: 

providing a hierarchical entitlement structure with inheritance for specifying 
entitlements for performing financial transactions; 

receiving user input for defining a plurality of entitlement groups of said 
hierarchical entitlement structure, wherein each entitlement group has specified 
permissions to perform financial transactions, limits on performance of said financial 
transactions, and membership of each user; 

in response to a particular user request to perform a financial transaction at 
runtime, identifying the particular user's membership in a certain entitlement group; and 

determining whether to allow the particular user to perform the financial 
transaction based on permissions and limits of said hierarchical entitlement structure 
applicable to the particular user's performance of the financial transaction. 

2. The method of claim 1, wherein said hierarchical entitlement structure 
provides that a given entitlement group inherits permissions provided to its parent 
entitlement group in said hierarchical entitlement structure. 

3. The method of claim 2, wherein said step of defining a pluralify of entitlement 
groups includes restricting permissions inherited by an entitlement group fi-om its parent 
entitlement group in said hierarchical entitlement structure. 

4. The method of claim 1, wherein said step of defining a plurality of entitlement 
groups includes defining permissions to access particular objects in a financial 
application. 

5. The method of claim 4, wherein said step of defining a pluralify of entitlement 
groups includes defining permissions to perform functions on said particular objects. 
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6. The method of claim 4, wherein at least some of said particular objects 
represent bank accounts. 

7. The method of claim 1, wherein said limits comprise limitations on values of 
financial transactions to be performed. 

8. The method of claim 1, wherein said step of defining a plurality of entitlement 
groups includes defining limits comprising a selected one of per-transaction limits and 
cumulative limits over a period of time. 

9. The method of claim 1, wherein said step of defining a plurality of entitlement 
groups includes defining permissions applying to a selected one of functions of a 
financial application and objects of a financial application. 

10. The method of claim 1, wherein said step of defining a plurality of 
entitlement groups includes defining limits applicable to individual users. 

1 1 . The method of claim 1 , wherein said step of defining a plurality of 
entitlement groups includes defining limits applicable collectively to members of an 
entitlement group. 

12. The method of claim 1, wherein said step of defining a plurality of 
entitlement groups includes defining limits applying collectively to a particular 
entitlement group and children entitlement groups of said particular entitlement group in 
said hierarchical entitlement structure. 

13. The method of claim 1, further comprising: 

tracking financial transactions performed for purposes of determining compliance 
with limits. 

14. The method of claim 13, wherein said step of tracking financial transactions 
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performed includes maintaining running total values of financial transactions performed 
in cache for improved performance. 

15. The method of claim 14, wherein said step of determining whether to allow 
the particular user to perform the financial transaction includes determining whether any 
limits have been exceeded based on the running total values and the value of the financial 
transaction requested by the particular user. 

16. The method of claim 1, further comprising: 

maintaining permission information for entitlement groups in the hierarchical 
entitlement structure in cache to improve system performance. 

17. The method of claim 16, wherein said permission information is modeled as 
three-tuples representing negative permissions. 

18. The method of claim 1 , wherein permissions provided to an entitlement group 
include permissions to administer a certain other entitlement group. 

19. The method of claim 18, wherein permissions to administer a particular 
entitlement group include modifying permissions of said certain other entitlement group. 

20. The method of claim 18, wherein said permissions to administer a certain 
other entitlement group are subject to limitations defined for the entitlement group having 

said permissions to administer. 

21 . The method of claim 1, wherein permissions provided to an entitlement group 
include permissions to extend a certain other entitlement group. 

22. The method of claim 21, wherein permissions to extend a certain other 
entitlement group include permissions to define a child entitlement group of said 
particular entitlement group. 
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23. (Canceled) 



24. A downloadable set of processor-executable instructions for performing 
method of claim 1. 



9. EVIDENCE APPENDIX 

This Appeal Brief is not accompanied by an evidence submission under §§ 1.130, 
1.131, or 1.132. 
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10. RELATED PROCEEDINGS APPENDIX 

Pursuant to Appellant's statement under Section 2, this Appeal Brief is not 
accompanied by any copies of decisions. 



